Customize CA cert generation via config file

2024-05-22 16:08:57 +02:00 · 2024-05-22 16:08:57 +02:00 · 1116cd3e51
parent b7739c039e
commit 1116cd3e51
2 changed files with 57 additions and 13 deletions
--- a/cert400.toml.example
+++ b/cert400.toml.example
@ -0,0 +1,13 @@
 [CA]
 serial_number = 2020
 organization = "Empresa SL"
 country = "ES"
 province = "Valencia"
 locality = "Valencia"
 street_address = "C/Fake Address 123"
 postal_code = "80085"
 not_after = 1
 rsa_bitsize = 3072
 [Server]
 port = "1302"
--- a/cmd/generateFunc.go
+++ b/cmd/generateFunc.go
@ -1,3 +1,7 @@
 /*
 Copyright © 2024 raul
 */
 package cmd
 import (
@ -12,6 +16,21 @@ import (
 	"math/big"
 	"os"
 	"time"
 	"github.com/spf13/viper"
 	//"github.com/spf13/viper"
 )
 var (
 	serialnumber  int
 	organization  string
 	country       string
 	province      string
 	locality      string
 	streetaddress string
 	postalcode    string
 	notafter      int
 	RSA_bitsize   int
 )
 func generateCA() {
@ -19,24 +38,36 @@ func generateCA() {
 	if err != nil {
 		log.Fatalf("Error happened looking up user home directory: %v\n", err)
 	}
 	RSA_bitsize = viper.GetInt("CA.rsa_bitsize")
 	serialnumber = viper.GetInt("CA.serial_number")
 	organization = viper.GetString("CA.organization")
 	country = viper.GetString("CA.country")
 	province = viper.GetString("CA.province")
 	locality = viper.GetString("CA.locality")
 	streetaddress = viper.GetString("CA.street_address")
 	postalcode = viper.GetString("CA.postal_code")
 	notafter = viper.GetInt("CA.not_after")
 	// fmt.Println(serialnumber, organization, country, province, locality, streetaddress, postalcode, notafter)
 	// os.Exit(0)
 	ca := &x509.Certificate{
-		SerialNumber: big.NewInt(2024),
+		SerialNumber: big.NewInt(int64(serialnumber)),
 		Subject: pkix.Name{
-			Organization:  []string{"Company, INC."},
+			Organization:  []string{organization},
-			Country:       []string{"US"},
+			Country:       []string{country},
-			Province:      []string{""},
+			Province:      []string{province},
-			Locality:      []string{"San Francisco sucks"},
+			Locality:      []string{locality},
-			StreetAddress: []string{"Golden Gate Bridge"},
+			StreetAddress: []string{streetaddress},
-			PostalCode:    []string{"94016"},
+			PostalCode:    []string{postalcode},
 		},
 		NotBefore:             time.Now(),
-		NotAfter:              time.Now().AddDate(10, 0, 0),
+		NotAfter:              time.Now().AddDate(notafter, 0, 0),
 		IsCA:                  true,
 		ExtKeyUsage:           []x509.ExtKeyUsage{x509.ExtKeyUsageClientAuth, x509.ExtKeyUsageServerAuth},
 		KeyUsage:              x509.KeyUsageDigitalSignature | x509.KeyUsageCertSign,
 		BasicConstraintsValid: true,
 	}
-	caPrivKey, err := rsa.GenerateKey(rand.Reader, 3072)
+	caPrivKey, err := rsa.GenerateKey(rand.Reader, RSA_bitsize)
 	if err != nil {
 		log.Fatalf("Error happened generating private key: %v\n", err)
 	}
@ -68,16 +99,16 @@ func generateCA() {
 		}
 	}
-	fmt.Printf("Generating %v/.config/cert400/server.key...\n", home)
+	fmt.Printf("Generating %v/.config/cert400/ca.key...\n", home)
 	// TODO: Check if keys already exist and warn the user about it
-	key, err := os.OpenFile(home+"/.config/cert400/server.key", os.O_WRONLY|os.O_CREATE, 0600)
+	key, err := os.OpenFile(home+"/.config/cert400/ca.key", os.O_WRONLY|os.O_CREATE, 0600)
 	if err != nil {
 		log.Fatalf("Error happened opening file: %v\n", err)
 	}
 	defer key.Close()
-	fmt.Printf("Generating %v/.config/cert400/server.cert...\n", home)
+	fmt.Printf("Generating %v/.config/cert400/ca.cert...\n", home)
-	cert, err := os.OpenFile(home+"/.config/cert400/server.crt", os.O_WRONLY|os.O_CREATE, 0600)
+	cert, err := os.OpenFile(home+"/.config/cert400/ca.crt", os.O_WRONLY|os.O_CREATE, 0600)
 	if err != nil {
 		log.Fatalf("Error happened opening file: %v\n", err)
 	}